Windows SMBv1 Remote Command Execution
Added: 04/26/2017CVE: CVE-2017-0143
BID: 96703
Background
Server Message Block (SMB) is the protocol used by Microsoft Windows computers to communicate over a network. SMBv1 was the first version of this protocol and is still supported by modern Windows versions.Problem
A vulnerability in the handling of certain SMBv1 requests could allow a remote attacker to execute arbitrary commands.Resolution
Apply the patch referenced in MS17-010, or disable SMBv1.References
https://technet.microsoft.com/en-us/library/security/ms17-010.aspxLimitations
Exploit works on Windows 7 and Windows Server 2008 R2.If the exploit succeeds against a 32-bit target, the target reboots when the command connection is closed.
Platforms
Windows 7Windows Server 2008 R2
Back to exploit index